|
| Popular Security News |
Critical Drupal Vulnerability Allows Remote Code ExecutionSecurity updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution.
read more |
Apple Makes 2FA Mandatory For Boss DevelopersBetter late than never, and youve got a week to make this happen. |
POS Firm Says Hackers Planted Malware On Customer NetworksNearly 140 bars, restaurants, and coffee shops all over the US have had POS systems infected with malware. |
This Malware Turns ATM Hijacking Into A Slot Machine GameWinPot can force infected ATMs to automatically dispense cash. Just spin. |
Cyber Espionage Warning: The Most Advanced Hacking Groups Are Getting More AmbitiousThe top 20 most notorious cyber espionage operations have increased their activity by a third in recent years - and are looking to conduct more attacks, according to a security company. |
Password Managers May Leave Your Online Crown Jewels Exposed In RAM To Malware – But Hey, Theyre Still Better Than The AlternativeThe alternative being memorizing a bunch of really long unique passphrases A bunch of infosec bods are taking some of the most popular password managers to task after an audit revealed some mildly annoying, non-world-ending security... |
Accused Hacker Lauri Love Loses Legal Bid To Reclaim Seized IT GearSpared court costs as he reveals £120-a-week income "Mr Love, youre not the victim in this. You brought this on yourself; youre the victim of your own decisions," District Judge Margot Coleman told accused hacker Lauri Love in court today... |
Millions Of “private” Medical Helpline Calls Exposed On InternetEver wondered what happens to helpline calls recorded "to ensure you get the service you deserve"? It can all go terribly wrong... |
|
| See More |
|
| Latest Security News |
Pakistan PM Authorizes Military Response If India AttacksISLAMABAD (AP) — Pakistans prime minister on Thursday authorized the armed forces to respond decisively and comprehensively to any aggression or misadventure by neighboring India, as tensions soared between the nuclear-armed rivals. |
Senator Elizabeth Warren Backs Reparations For Black Americans"We must confront the dark history of slavery and government-sanctioned discrimination in this country that has had many consequences including undermining the ability of Black families to build wealth in America for generations," Warren,... |
Canada Looks To Reunite Syrian Family After Fire Claims Seven KidsCanada is looking to quickly bring over siblings of a Syrian refugee distraught over the loss of her seven children in a Halifax house fire, the prime minister said Thursday. "The immigration minister is seized with this particular case,"... |
Mexican Privacy Watchdog Criticizes Government Over SpywareMexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.
read... |
Alabama Woman Who Joined Islamic State Sues To Return To USWASHINGTON (AP) — The father of an Alabama woman who joined the Islamic State in Syria filed suit against the Trump administration Thursday in an effort to allow her return to the United States. |
|
| See More |
|
| Latest News from Research Labs |
Murkios Bot Drops Files And Controls System RemotelyThe Zscaler ThreatLabZ team came across the Murkios bot, which silently installs itself onto a user’s system and connects to a command-and-control (CC) server by opening Secure Shell (SSH) terminals from the compromised system. This bot... |
Lessons Learned From The Microsoft SOC—Part 1: OrganizationIn the first of our three part series, we provide tips on how to manage a security operations center (SOC) to be more responsive, effective, and collaborative.
The post Lessons learned from the Microsoft SOC—Part 1: Organization appeared... |
Why The Pipeline Cybersecurity Initiative Is A Critical StepWorking together with government to push a more coordinated effort around infrastructure securityparticularly pipelines and utilitiesis critical. The new Pipeline Cybersecurity Initiative will help ensure that additional resources, information-sharing,... |
New Breed Of Fuel Pump Skimmer Uses SMS And BluetoothFraud investigators say theyve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from... |
How Costly Are Sweetheart Swindles?And that’s on top of the heartache experienced by the tens of thousands of people who fall for romance scams each year
The post How costly are sweetheart swindles? appeared first on WeLiveSecurity |
|
| See More |
|
| Latest Security Videos & Podcasts |
Offpath Attacks Against PKIThe security of Internet-based applications fundamentally rely on the trustworthiness of Certificate Authorities (CAs). We practically demonstrate for the first time that even a very weak off-path attacker can effectively subvert the trustworthiness... |
Open Source Network MonitoringId like to offer an introduction into Network System Monitoring using different open tools available in linux. The talk is a technical approach to identify the best sniffing points in a network and how to orchestrate a full analysis of... |
Orchestrating Security Tools With AWS Step FunctionsIncreasingly frequent deployments make it impossible for security teams to manually review all of the code before it is released. We wrote a Terraform-deployed application to solve this problem by tightly integrating into the developer... |
Pure In-Memory (Shell)Code Injection In Linux UserlandA lot of research has been conducted in recent years on performing code injection in the Windows operating system without touching the disk. The same cannot be said about *NIX (and Linux specifically). Imagine yourself sitting in front... |
RFID Chip Inside The Body: Reflecting The Current State Of Usage, Triggers, And Ethical IssuesChipping humans can be seen as one of the most invasive biometric identification technologies. RFID (Radio Frequency Identification) as the key technology in the field of the Internet of Things produces many applications. For example, human... |
|
| See More |
|
| Latest Security Papers & Presentations |
Bob 1.0.1: CTF WalkthroughIn this article, we will learn to solve a Capture the Flag (CTF) challenge which was posted on VulnHub by “c0rruptedb1t.” According to the information given by the author of the challenge, this CTF...Go on to the site to read the full... |
Top 30 Information Assurance Analyst Interview Questions And Answers For 2019Introduction The Information Assurance Analyst position is an exciting information security position that comes with many responsibilities. Chief among these responsibilities are planning, designing...Go on to the site to read the full... |
The Not-So-Black-and-White Of GraywareWe hear a lot about malware, and fair enough — malware is behind some of the world’s largest data breaches. However, malware has a cousin. This cousin is known as grayware. Grayware, as the name...Go on to the site to read the full... |
Exploring Commonly-Used Yet Vulnerable ComponentsIntroduction In this article, we will explore some technologies that are commonly used today despite being known to be vulnerable. We’ll discuss why these technologies are considered vulnerable, and...Go on to the site to read the full... |
Quick And Dirty BurpSuite Tutorial (2019 Update)Introduction In this article we look at BurpSuite, a framework of tools that can be used during penetration testing. We’ll cover the latest release of BurpSuite, version 2.0, getting our hands dirty...Go on to the site to read the full... |
|
| See More |
|
|
